<?php
namespace App\Security;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AccessDecisionManagerInterface;
use Symfony\Component\Security\Core\Authorization\Voter\Voter;
use App\Entity\Permission;
class PermissionVoter extends Voter
{
const VIEW = 'view';
const EDIT = 'edit';
const WAREHOUSE_VIEW = 'warehouse_view';
const WAREHOUSE_EDIT = 'warehouse_edit';
const TRANSFER_EDIT = 'transfer_edit';
const TICKET_VIEW = 'ticket_view';
/**
* @var AccessDecisionManagerInterface
*/
private $decisionManager;
public function __construct(AccessDecisionManagerInterface $decisionManager)
{
$this->decisionManager = $decisionManager;
}
protected function supports(string $attribute, mixed $subject): bool
{
if (!in_array($attribute, array(self::VIEW, self::EDIT, self::WAREHOUSE_VIEW, self::WAREHOUSE_EDIT, self::TRANSFER_EDIT, self::TICKET_VIEW))) {
return false;
}
return true;
}
protected function voteOnAttribute(string $attribute, mixed $subject, TokenInterface $token): bool
{
$user = $token->getUser();
$actualPermission = $subject;
$warehouseId = $subject;
$transferId = $subject;
$ticketId = $subject;
switch ($attribute) {
case self::VIEW: if($user->getPermissionType($actualPermission) == "R" || $user->getPermissionType($actualPermission) == "RW") return true; break;
case self::EDIT: if($user->getPermissionType($actualPermission) == "RW") return true; break;
case self::WAREHOUSE_VIEW: if($user->getPermissionWarehouse($warehouseId) == "R" || $user->getPermissionWarehouse($warehouseId) == "RW") return true; break;
case self::WAREHOUSE_EDIT: if($user->getPermissionWarehouse($warehouseId) == "RW") return true; break;
case self::TRANSFER_EDIT: if($user->getPermissionTransfer($transferId)) return true; break;
case self::TICKET_VIEW: if($user->getPermissionTicket($ticketId)) return true; break;
}
return false;
}
}